<?php
// panggil fungsi koneksi
require_once("../library/fungsi.lib.php");

// aktifasi session
session_start();
$msg = "";
if (isset($_SESSION["USRID"]) > 0) { //Jika Sesssion ada value nya
    header("Location: hansip.php?module=home") or die("Can not go to location");
} else {
    if (isset($_POST["userName"]) > 0) {
        $userName = anti_injection($_POST["userName"]);
        $userPass = anti_injection(md5($_POST["password"]));

        $sql = "SELECT COUNT(user_id) AS tot_rec FROM users WHERE user_id = '$userName' AND user_pass = '$userPass' AND user_status='Y'";
        $CheckQuery = mysql_query($sql);
        $rsDataCheck = mysql_fetch_array($CheckQuery);

        if ($rsDataCheck["tot_rec"] > 0) {  //Check Apakah User Sudah Ada
            $sqlUser = "SELECT * FROM users WHERE user_id = '$userName'";
            $UserQuery = mysql_query($sqlUser);
            $rsDataUser = mysql_fetch_array($UserQuery);

            $_SESSION["USRID"] = $rsDataUser["user_id"];
            $_SESSION["USRPASS"] = $rsDataUser["user_pass"];
            $_SESSION["USRNAME"] = $rsDataUser["user_name"];
            $_SESSION["USRLEVEL"] = $rsDataUser["user_level"];
            $_SESSION["USRLOGIN"] = $rsDataUser["user_last_login"];

            ///-> Update last login
            $mbr_last_login = date('Y-m-d H:i:s');
            $qUpdate = "UPDATE users SET user_last_login='$mbr_last_login' WHERE user_id='" . $_SESSION["USRID"] . "'";
            $eUpdate = mysql_query($qUpdate);
            ///<- 

            header("Location: hansip.php?module=home") or die("Can not go to location");
        } else {
            $msg = "User tidak ditemukan, silahkan ulangi lagi";
        }
        mysql_free_result($CheckQuery);
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=windows-1252" />
        <link href="<?php echo URLHOST; ?>asset/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
        <title><?php echo title . " - Login"; ?></title>
        <link rel="stylesheet" type="text/css" href="<?php echo URLHOST; ?>asset/css/astyle.css" />
        <script language="javascript" type="text/javascript">
            function isEmpty(str) {
                if (str==null || str=="") return true;
                return false;
            }

            function validate(nama, kunci) {
                if (isEmpty(nama)) {
                    alert('Username Harus di Isi');
                    return false;
                }
                if (isEmpty(kunci)) {
                    alert('Password Harus di isi');
                    return false;
                }
                return true;
            }
        </script>
    </head>
    <body>
        <div id="wrap">
            <!-- untuk header !-->
            <div id="header"></div>

            <div id="content">
                <div id="login">
                    <form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post" onSubmit="return validate(this.userName.value, this.password.value);">
                        <label>Username</label><input type="text" name="userName"  id="userName" />
                        <label>Password</label><input type="password" name="password" id="password" />
                        <input type="submit" name="Submit" value="M A S U K" />

                        <br /><p class="error"><?php echo $msg ?></p>
                    </form>
                </div>
            </div>

            <!-- untuk footer !-->
            <div id="footer">
                Copyright &copy; Tugas Akhir Abdee Zakwan <?php echo date('Y'); ?>.
            </div>
        </div>
    </body>
</html>